I've run into an issue. I am building an Ajax application with PHP, and am sanitizing my inputs via htmlspecialchars(). I am then processing the inputted string and using that to set the data attributes of certain html elements. There's my problem.
Let's just say the user wrote <html>. That input, with htmlspecialchars(), would be turned into <html>. Now this is fine for displaying the content, but for the data attributes, I would like it to be inserted as <html>. Is this possible?
there is a function that reverses what htmlspecialchars does:
htmlspecialchars_decode()
http://php.net/manual/en/function.htmlspecialchars-decode.php